DMARC (Domain-based Message Authentication Reporting and Conformance) is an email authentication protocol that works with SPF and DKIM to help prevent domain spoofing and improve deliverability.

What are DMARC policies?

DMARC policies include p=none for monitoring, p=quarantine for sending suspicious emails to spam, and p=reject to block unauthorized emails.

How do I set up a DMARC record?

In your DNS, create a TXT record for _dmarc.yourdomain.com with a value like v=DMARC1; p=none;. Add reporting addresses (rua/ruf) if desired, save the record, and allow time for propagation.

How do I monitor DMARC reports?

After publishing your DMARC record, reports (if configured) will be sent to the rua/ruf email addresses you specify. These reports help you monitor authentication results and adjust your policy safely.

🥳 Celebrate Our Launch With a $200 LIFETIME Discount OFF The Premium Plan Use: BIRTHDAY2024

This offer expires 9/30/2024, at 11:59 PM EST

BizStackPro all-in-one digital marketing platform dashboard.

How to Set Up DMARC Records for Email – BizStackPro Help

How to Set Up DMARC Records for Email

Protect your domain from spoofing and phishing by configuring a DMARC record. This guide shows you how to publish DMARC in DNS and use it alongside SPF and DKIM for stronger authentication.

Browse Help Center See All Plans & Features

What is DMARC?

DMARC (Domain-based Message Authentication Reporting and Conformance) is an email security protocol that builds on SPF and DKIM. It helps mailbox providers verify that messages claiming to be from your domain are actually authorized, and it tells providers what to do when authentication fails.

Best practice: Make sure SPF and DKIM are set up first. DMARC is most effective when both are working correctly.

DMARC Policies (What Happens on Failure)

p=none — Monitor only (no enforcement). Great for starting safely.
p=quarantine — Treat failed messages as suspicious (often routed to spam).
p=reject — Block failed messages from delivery.

Pro tip: Start with p=none to collect data first, then move to quarantine or reject once you’re confident all legitimate senders are authenticating properly.

Step-by-Step: Add a DMARC TXT Record in DNS

Prepare your sending setup: Ensure your domain/subdomain is configured for sending (and that SPF/DKIM are present).
Open your DNS provider: Log in where your DNS is managed (Cloudflare, GoDaddy, Namecheap, etc.).
Create a TXT record using the DMARC host/name format.
Publish the record and allow time for propagation (often minutes, sometimes up to 24 hours).
Monitor results (especially if you add reporting addresses).

Starter DMARC example (monitor-only):

Type: TXT
Name/Host: _dmarc.yourdomain.com
Value: v=DMARC1; p=none;

If you’re using a sending subdomain, your host/name may be different (for example: _dmarc.communication). Use the exact format your DNS provider requires.

Key DMARC Tags Explained

v — Version (always DMARC1).
p — Policy (none, quarantine, reject).
adkim — DKIM alignment (r relaxed, s strict).
aspf — SPF alignment (r relaxed, s strict).
pct — % of mail the policy applies to (useful for gradual enforcement).
rua — Aggregate report email address (recommended for monitoring).
ruf — Forensic report email address (not always supported by all providers).

Monitoring example with reports: Add reporting addresses so you can see which sources are sending mail for your domain.

v=DMARC1; p=none; rua=mailto:[email protected]; pct=100;

How to Monitor DMARC Reports

DMARC reports (when configured) help you verify that your legitimate senders are passing authentication and reveal unauthorized sources attempting to spoof your domain.

Aggregate reports (rua): High-level summaries (often XML) of authentication results.
Forensic reports (ruf): Failure details (availability varies by provider).
Next step: After monitoring, move from p=none → p=quarantine → p=reject when you’re confident.

Want stronger deliverability with fewer headaches?

With BizStackPro, you can manage email sending, campaigns, and CRM follow-ups in one place—while keeping authentication and reputation on track.

🚀 See All Plans & Features

Opens in a new tab.

Frequently Asked Questions

What does DMARC do for email security?

It reduces spoofing and phishing by telling inbox providers how to handle messages that fail SPF/DKIM checks and by enabling reporting.

Can I change the DMARC policy later?

Yes. Start with p=none to monitor, then increase enforcement to p=quarantine or p=reject once legitimate senders are authenticating correctly.

What reports will I receive?

If you add a rua address, you can receive aggregate reports (often XML). Some providers also support forensic reports via ruf.

📚 Browse More Help Guides

Secure Your Domain and Improve Inbox Placement

DMARC helps you monitor (and eventually block) unauthorized sending. Pair it with SPF and DKIM so your BizStackPro emails build trust with inbox providers over time.

✅ View Plans & Features

Less spoofing. Better deliverability.

📚 Browse More Help Guides

Disclaimer: This site is NOT endorsed by Google, Facebook or YouTube in ANY WAY. All trademarks & Logo / branding are the property of their respective owners. Please Note: This site was created in BizStackPro by Ken George II (An Affiliate of BizStackPro) and may contain affiliate links.